Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kWqUZHoilGvX-wvKqp8tsbGC2IQ.roa
File: kWqUZHoilGvX-wvKqp8tsbGC2IQ.roa (raw, json)
Hash identifier: zbPDafOiyLdTuBejyGO9jRlkvFU5U8NQsB1dK23pOqM=
Subject key identifier: 91:6A:94:64:7A:22:94:6B:D7:FB:0B:CA:AA:9F:2D:B1:B1:82:D8:84
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0194B81CDC797F9375E7A63AAD72353C45D9
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kWqUZHoilGvX-wvKqp8tsbGC2IQ.roa
Signing time: Thu 30 Jan 2025 16:48:06 +0000
ROA not before: Thu 30 Jan 2025 16:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59678
IP address blocks: 2a11:5c80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b8:1c:dc:79:7f:93:75:e7:a6:3a:ad:72:35:3c:45:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 30 16:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=916a94647a22946bd7fb0bcaaa9f2db1b182d884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:11:30:6e:51:ea:93:71:00:9a:70:34:cd:ab:
e0:45:49:b0:f5:fa:cc:6e:98:de:98:db:5d:c0:ab:
e9:d2:84:3f:96:0d:cc:e9:c0:17:33:d8:2e:8e:98:
1e:bb:5e:f1:13:a5:c1:a4:47:c2:c1:45:8c:95:b2:
79:6b:b2:e2:9e:12:9d:7e:e7:8c:c3:87:7c:d1:01:
de:59:c6:2f:1c:b0:1f:d4:5b:fc:1c:93:a7:69:c9:
5a:8f:78:38:28:b0:89:8b:62:d7:63:35:dc:a0:06:
04:18:4a:15:9a:2d:27:4c:dd:00:a6:4c:fe:3a:e5:
6f:63:6e:52:8f:87:96:53:81:62:d2:fc:8c:49:3f:
d8:ed:d1:84:e4:1d:27:eb:0e:47:c6:b0:59:e5:2f:
3a:d2:f4:af:85:80:39:e3:dc:d0:24:e1:84:6a:60:
a9:a3:38:c3:6e:0a:69:7f:e7:b3:9d:21:8a:39:bd:
b6:19:1c:d4:17:0b:a7:2f:55:f9:08:82:37:c0:9f:
aa:d6:9f:ab:89:8f:4b:fb:8b:3d:1f:83:f5:57:0c:
fb:f7:26:27:69:eb:f3:48:41:c3:3e:0b:66:cc:5a:
89:82:e7:27:dc:bc:f1:bf:8b:c6:1c:7d:38:57:74:
2f:f1:cf:e8:4b:7b:5a:a8:ce:54:e8:81:d2:4a:38:
cd:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:6A:94:64:7A:22:94:6B:D7:FB:0B:CA:AA:9F:2D:B1:B1:82:D8:84
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kWqUZHoilGvX-wvKqp8tsbGC2IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5c80::/29
Signature Algorithm: sha256WithRSAEncryption
a1:3f:41:f7:55:27:60:c9:ba:1d:a2:fb:27:17:00:7a:08:a8:
fc:dd:bb:d0:3e:4d:2f:1f:f8:f9:65:77:23:75:10:82:e7:b1:
da:c4:5f:9f:5c:cd:d2:55:2f:62:75:86:cf:ad:f2:e8:7e:7a:
bb:0d:2f:e8:91:05:2c:43:92:02:93:2e:94:67:78:09:46:5a:
18:64:0b:27:11:53:3a:91:bc:64:50:bf:0f:ac:12:95:a8:ef:
21:d4:78:d7:3b:2d:14:2d:44:37:f0:a3:79:7c:c3:31:82:69:
a8:34:9e:d0:b3:18:fc:bd:32:9f:cd:13:a7:9e:c0:7b:37:8a:
ef:db:b1:33:cd:33:61:c3:f5:59:c5:69:ec:09:0f:2f:fb:79:
bb:a8:de:10:05:df:a6:ea:4d:48:cb:6f:41:1d:ba:f5:d2:a8:
6f:9c:cb:51:6b:96:83:23:73:00:2a:67:0d:95:1d:bd:ae:f8:
8b:c7:ee:5c:c3:c5:0f:29:69:6a:0a:37:d8:38:5d:a6:e7:d4:
bb:74:84:12:7b:1c:9f:d0:af:d6:2c:71:95:02:98:13:d7:0b:
20:56:b4:e6:2b:de:35:39:c8:d2:4a:1d:bd:1d:78:43:46:25:
d6:a8:d5:6a:0c:fa:6d:86:85:b8:13:83:4b:55:78:b9:e5:ad:
b5:ba:24:8f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZS4HNx5f5N156Y6rXI1PEXZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTMwMTY0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTZhOTQ2NDdhMjI5NDZiZDdmYjBiY2FhYTlmMmRiMWIxODJkODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBEwblHqk3EAmnA0zavgRUmw9frM
bpjemNtdwKvp0oQ/lg3M6cAXM9gujpgeu17xE6XBpEfCwUWMlbJ5a7LinhKdfueM
w4d80QHeWcYvHLAf1Fv8HJOnaclaj3g4KLCJi2LXYzXcoAYEGEoVmi0nTN0Apkz+
OuVvY25Sj4eWU4Fi0vyMST/Y7dGE5B0n6w5HxrBZ5S860vSvhYA549zQJOGEamCp
ozjDbgppf+eznSGKOb22GRzUFwunL1X5CII3wJ+q1p+riY9L+4s9H4P1Vwz79yYn
aevzSEHDPgtmzFqJgucn3Lzxv4vGHH04V3Qv8c/oS3taqM5U6IHSSjjNXwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJFqlGR6IpRr1/sLyqqfLbGxgtiEMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEva1dxVVpIb2lsR3ZYLXd2S3FwOHRzYkdDMklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFcgDAN
BgkqhkiG9w0BAQsFAAOCAQEAoT9B91UnYMm6HaL7JxcAegio/N270D5NLx/4+WV3
I3UQguex2sRfn1zN0lUvYnWGz63y6H56uw0v6JEFLEOSApMulGd4CUZaGGQLJxFT
OpG8ZFC/D6wSlajvIdR41zstFC1EN/CjeXzDMYJpqDSe0LMY/L0yn80Tp57AezeK
79uxM80zYcP1WcVp7AkPL/t5u6jeEAXfpupNSMtvQR269dKob5zLUWuWgyNzACpn
DZUdva74i8fuXMPFDylpago32DhdpufUu3SEEnscn9Cv1ixxlQKYE9cLIFa05ive
NTnI0kodvR14Q0Yl1qjVagz6bYaFuBODS1V4ueWttbokjw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:19:51 2025 by rpki-client